ADVERTISEMENT

Addition_17-02-2015_20-29-32.txt

Jak usunąć nawracający wirus svchost.exe z folderu windowstemp?

Skany z FRST:


Download file - link to post

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by igor at 2015-02-17 20:28:54
Running from C:\Users\igor\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with " hidden " flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip (HKLM\...\7-Zip) (Version: 9.30 - © 2013 Igor Pavlov)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
ALLConverter PRO 1.3 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.)
AMD Catalyst Install Manager (HKLM\...\{80605209-360B-C082-6D1E-DEE20E0A2802}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Ashampoo Burning Studio 2010 Advanced (HKLM-x32\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Curse Client (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
DC Universe Online (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)
Detektor Winampa (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Digdoge.org wersja v0.9.1-RC1 (HKLM-x32\...\{FED99B59-117A-4D2B-820E-CD27536EB68E}_is1) (Version: v0.9.1-RC1 - Digdoge.org)
Digital Image Recovery 1.47 (HKLM-x32\...\Digital Image Recovery_is1) (Version: - Alexander Grau)
Dragon Age Inquisition (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.0.0.0 - Релиз от R.G. Steamgames)
EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.3.0.58666 - Electronic Arts, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager 3.9.3 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\GameRanger) (Version: - GameRanger Technologies)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grand Theft Auto IV (HKLM-x32\...\Grand Theft Auto IV_is1) (Version: 1.0.4.0 - )
Grand Theft Auto IV Complete Edition MULTi-5 Plus EXTRAS 1.0 (HKLM-x32\...\Grand Theft Auto IV Complete Edition MULTi-5 Plus EXTRAS 1.0) (Version: - )
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - © 2013 Kai Liu)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.238 - SurfRight B.V.)
ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: 1.* - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Letasoft Sound Booster version 1.2 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.2 - Letasoft LLC)
Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version: - SQUARE ENIX)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Matematyka 2004 (HKLM-x32\...\Matematyka 2004) (Version: - )
MegaTrainer eXperience V1.2.3.9 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{154C7340-7C70-11E3-A15F-F04DA23A5C58}) (Version: 13.0.879 - Sony)
Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
NHMTTS SAPI5 Engine 4.0 (HKLM-x32\...\NHMTTS SAPI5 Engine 4.0) (Version: - )
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Panel sterowania NVIDIA 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PIT Format 2013 (HKLM-x32\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.1 - Rockstar Games)
SearchMe Toolbar v10.5 (HKLM-x32\...\{C24EFF6F-37EB-410B-B5BF-EAB9CB4E0824}) (Version: 10.5 - Spigot, Inc.) & lt; ==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.5.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.0 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Styx - Masters of Shadows (HKLM-x32\...\Styx - Masters of Shadows_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
Tasker v4.110 (HKLM-x32\...\Tasker_is1) (Version: - Vista Software, Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls V Skyrim (HKLM-x32\...\{4FEF52F2-3C2C-4B80-9443-3D6A654328D0}_is1) (Version: - Bethesda Softworks)
The Sims 4 Update v1.2.16.10 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00 - Ubisoft)
Tytus, Romek i A'tomek (HKLM-x32\...\Tytus, Romek i A'tomek_is1) (Version: - PLAY SP. Z O.O.)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version: - File Recovery Ltd.)
Unity Web Player (HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Worms Ultimate Mayhem (HKLM-x32\...\Worms Ultimate Mayhem_is1) (Version: - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3923945171-1339859217-2267014042-1000_Classes\CLSID\{d0e64cf9-474f-4871-a6f3-1bf78d8b6136}\InprocServer32 - & gt; C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3923945171-1339859217-2267014042-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 - & gt; C:\Users\igor\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points =========================

08-02-2015 13:27:53 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
16-02-2015 20:38:22 Punkt przywracania stworzony przez HitmanPro
16-02-2015 20:39:05 Punkt przywracania stworzony przez HitmanPro
16-02-2015 20:51:49 Punkt przywracania stworzony przez HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09EA565A-2AA4-48A9-BB20-39867510025E} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {146A4026-7ADB-4E11-8881-D9F74A36ABE3} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {20B188D0-6F88-4D8C-8438-428F328F2A8B} - System32\Tasks\Origin = & gt; C:\ProgramData\Origin\update.vbe [2015-01-23] () & lt; ==== ATTENTION
Task: {963D6D0F-5456-4CB0-BFD9-D6B1FA052636} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: {A0CA7908-7541-47A6-A150-2066C1C82DA0} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BED2E16A-E3DB-49E2-A4FD-510B613DF69A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask = & gt; Sc.exe start osppsvc
Task: {C31C83DA-3C3D-4348-916E-CF4D3588E1F2} - System32\Tasks\Opera scheduled Autoupdate 1417883431 = & gt; C:\Program Files (x86)\Opera\launcher.exe
Task: {F3C4F20B-2F1C-4182-88C6-54FAD74D8903} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-29 18:21 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-08 15:32 - 2015-02-04 20:56 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2014-09-25 19:44 - 2014-09-25 19:44 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2013-03-19 14:15 - 2013-03-19 14:15 - 00704008 _____ () C:\Windows\SysWOW64\C2MP\TrayMenu.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-02-16 20:59 - 2015-02-17 20:20 - 01605120 _____ () C:\Windows\Temp\svchost.exe
2014-06-12 17:01 - 2014-12-12 12:15 - 00374840 _____ () C:\Users\igor\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-02-16 20:32 - 2015-02-17 20:21 - 01659904 _____ () C:\Windows\Temp\lsass.exe
2014-06-12 17:01 - 2014-12-12 12:15 - 36966968 _____ () C:\Users\igor\AppData\Roaming\Spotify\Data\libcef.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-07-18 10:36 - 2014-12-12 12:15 - 00867896 _____ () C:\Users\igor\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-06-12 17:01 - 2014-12-12 12:15 - 00886840 _____ () C:\Users\igor\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-06-12 17:01 - 2014-12-12 12:15 - 00108600 _____ () C:\Users\igor\AppData\Roaming\Spotify\Data\libegl.dll
2015-01-26 19:20 - 2015-01-26 19:20 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2015-02-04 21:31 - 2015-02-04 21:31 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The " AlternateShell " will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer = & gt; " " = " Service "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer = & gt; " " = " Service "

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3923945171-1339859217-2267014042-1000\Control Panel\Desktop\\Wallpaper - & gt; C:\Users\igor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^igor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip = & gt; C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^igor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk = & gt; C:\Windows\pss\GameRanger.lnk.Startup
MSCONFIG\startupreg: ALLUpdate = & gt; " C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe " " sleep "
MSCONFIG\startupreg: BCSSync = & gt; " C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe " /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring = & gt; " C:\Program Files\CCleaner\CCleaner64.exe " /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite = & gt; " C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe " -autorun
MSCONFIG\startupreg: Digdoge.org = & gt; " C:\Program Files (x86)\Digdoge.org\dig.exe " " autostart "
MSCONFIG\startupreg: Free Download Manager = & gt; D:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
MSCONFIG\startupreg: Raptr = & gt; C:\Program Files (x86)\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype = & gt; " C:\Program Files (x86)\Skype\Phone\Skype.exe " /minimized /regrun
MSCONFIG\startupreg: StartCCC = & gt; " D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe " MSRun
MSCONFIG\startupreg: uTorrent = & gt; " C:\Users\igor\AppData\Roaming\uTorrent\uTorrent.exe " /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-3923945171-1339859217-2267014042-500 - Administrator - Disabled)
Gość (S-1-5-21-3923945171-1339859217-2267014042-501 - Limited - Disabled)
igor (S-1-5-21-3923945171-1339859217-2267014042-1000 - Administrator - Enabled) = & gt; C:\Users\igor

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2015 08:20:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/17/2015 07:11:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 09:23:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:53:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:41:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:04:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: GTAIV.exe, wersja: 1.0.7.0, sygnatura czasowa: 0x4bd9efbe
Nazwa modułu powodującego błąd: EasyHook32.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x49b2707b
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000cc2f
Identyfikator procesu powodującego błąd: 0x8ac
Godzina uruchomienia aplikacji powodującej błąd: 0xGTAIV.exe0
Ścieżka aplikacji powodującej błąd: GTAIV.exe1
Ścieżka modułu powodującego błąd: GTAIV.exe2
Identyfikator raportu: GTAIV.exe3

Error: (02/16/2015 07:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 07:15:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: lsass.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5437da30
Nazwa modułu powodującego błąd: lsass.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5437da30
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000010ca0
Identyfikator procesu powodującego błąd: 0x13f8
Godzina uruchomienia aplikacji powodującej błąd: 0xlsass.exe0
Ścieżka aplikacji powodującej błąd: lsass.exe1
Ścieżka modułu powodującego błąd: lsass.exe2
Identyfikator raportu: lsass.exe3


System errors:
=============
Error: (02/17/2015 08:56:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/16/2015 09:22:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa BBUpdate niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa CodeMeter Runtime Server niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Live ID Sign-in Assistant niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Splashtop Software Updater Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Splashtop® Remote Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/16/2015 09:22:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office Sessions:
=========================
Error: (02/17/2015 08:20:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/17/2015 07:11:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 09:23:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:53:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:41:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 08:04:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GTAIV.exe1.0.7.04bd9efbeEasyHook32.dll0.0.0.049b2707bc00000050000cc2f8ac01d04a199728d350D:\Gry\gta 4\GTAIV.exeD:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dllab131205-b60e-11e4-8f6a-6cf0497f0178

Error: (02/16/2015 07:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (02/16/2015 07:15:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsass.exe0.0.0.05437da30lsass.exe0.0.0.05437da30c00000050000000000010ca013f801d049f8917f98c9C:\Windows\Temp\lsass.exeC:\Windows\Temp\lsass.exec92a851a-b607-11e4-965b-6cf0497f0178


CodeIntegrity Errors:
===================================
Date: 2015-01-31 20:49:06.690
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-31 20:49:06.688
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-31 20:49:06.686
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-31 20:49:06.653
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-31 20:49:06.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-31 20:49:06.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-28 17:24:41.609
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-28 17:24:41.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-28 17:24:41.605
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-28 17:24:41.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.